I have fixed 1) and 3).
2) is intentional.
prefixRewrite="none" means follow Canonical XML 1.x behavior. And in that the namespaces are supposed to be sorted by prefix. (See section 2.2 in Canonical XML 1.0 http://www.w3.org/TR/xml-c14n#DocumentOrder)
Whereas in prefixRewrite="sequential" and "digest" we get rid of prefix names, so we cannot sort by prefixes.
Let us illustrate by an example
Look at example 3.3 in Canonical XML 1.0 http://www.w3.org/TR/xml-c14n#Example-SETags)
This have three namespaces
In canonical XML 1.0, they are emitted in this order
xmlns="http://example.org" xmlns:a="http://www.w3.org" xmlns:b="http://www.ietf.org"
(Sorted by prefix i.e. "", "a", "b")
Whereas with prefixRewrite="sequential", they are emitted in this order
xmlns:n5="https://example.org" xmlns:n6="http://www.ietf.org" xmlns:n7="http://www.w3.org")
(prefix assigned by URI order. "example" "www.ietf", "www.w3")
I have changed the step 3 to indicate this.
Step 3: If SortAttributes="true" which is the default, then sort this list of namespaces as follows:
In case of prefixRewrite="none" sort the namespace declaration in lexicographic(ascending) order of prefixes (the default namespace declaration has no prefix, so it is lexicographically least).
In case of prefixRewrite="sequential" or prefixRewrite="digest" sort them in ascending order of namespace URI
Pratik
-----Original Message-----
From: Meiko Jensen [mailto:Meiko.Jensen@ruhr-uni-bochum.de]
Sent: Friday, August 13, 2010 7:41 AM
To: XMLSec WG Public List
Subject: C14N2.0 minor issues
My student found some minor issues with the Canonical XML Version 2.0
Document (Draft of 07 August):
1) chapters 4.7 and 4.8 contradict 2.3 (and I think the 2.3 description
is correct here) by saying that a newline has to be added *before* a PI
if we are *before* the document node and *after* the PI if we are
*after* the document node. I'd think it has to be the other way round,
to separate PI and document node by a newline (as said in 2.3)
2) 4.10 says that if prefixRewrite is set to none you'd have to "sort
the nsToBeOutputList by the prefix", while in the other two cases it
says to "sort the nsToBeOutputList by URI". I'm not sure what the
correct behaviour is here, but I'm wondering on why we have this
differentiation...
3) Example 2.5.3.2 for sequential prefix rewriting starts with "n1"
though the text in 2.5.2 says the counter starts with 0.
Meiko
--
Dipl.-Inf. Meiko Jensen
Chair for Network and Data Security
Horst GÃ¶rtz Institute for IT-Security
Ruhr University Bochum, Germany
_____________________________
UniversitÃ¤tsstr. 150, Geb. IC 4/150
D-44780 Bochum, Germany
Phone: +49 (0) 234 / 32-26796
Telefax: +49 (0) 234 / 32-14347
http:// www.nds.rub.de